ReviewNPrep Sample Practice Test Flashcards
In Azure Information Protection, there are three types of key scenarios:
- Key managed by Microsoft
- Bring your own key (BYOK)
- Hold your own key (HYOK)
Technologies:
1. Microsoft
2. Key Vault
3. AD RMS
4. HSM
Which of the following best matches each key scenario with the technology used to create and maintain the keys?
A. Key managed by Microsoft: Microsoft; Bring your own key (BYOK): Key Vault; Hold your own key (HYOK): HSM
B. Key Managed by Microsoft: Microsoft; Bring your own key (BYOK): Key Vault; Hold your own key (HYOK): AD RMS
C. Key managed by Microsoft: Key Vault; Bring your own key (BYOK): HSM; Hold your own key (HYOK): AD RMS
D. Key managed by Microsoft: Microsoft; Bring your own key (BYOK): AD RMS; Hold your own key (HYOK): Key Vault
B. Key Managed by Microsoft: Microsoft; Bring your own key (BYOK): Key Vault; Hold your own key (HYOK): AD RMS
Explanation:
Key Managed by Microsoft: Microsoft -
The default key, automatically generated by Microsoft, is used exclusively for Azure Information Protection to manage most aspects of your tenant key life cycle. Continue using the default Microsoft key when you want to deploy Azure Information Protection quickly and without special hardware, software or an Azure subscription.
Bring Your Own Key (BYOK): Key Vault -
BYOK protection uses keys that are created by customers, either in Azure Key Vault or on-premises in the customer organization. These keys are then transferred to Azure Key Vault for further management. Azure Key Vault Standard is a software-based HSM and Azure Key Vault Premium is a hardware-backed cloud HSM.
Hold Your Own key (HYOK): AD RMS
HYOK works solely with your AD and AD RMS instance. Because it is targeted at top secret data, we urge you to keep AD RMS out of your DMZ. After all, your DMZ is our close so for those collaboration use cases, just use RMS
You have an Azure subscription that contains the following resources:
- A virtual network named VNET1 that contains two subnets named Subnet1 and Subnet2
- A virtual machine named VM1 that has only a private IP address and connects to Subnet1.
You need to ensure that RDP connections can be established to VM1 from the internet.
What three actions should you perform in sequence?
A. 1. Create a NAT rule collection 2. Create a new subnet 3. Deploy Azure Firewall
B. 1. Create a new subnet 2. Deploy Azure Firewall 3. Create a NAT rule collection
C. 1. Create a new subnet 2. Deploy Azure Firewall 3. Create a NAT rule collection
D. 1. Create a Network rule collection 2. Deploy Azure Application Gateway 3. Configure a network security group (NSG)
B. 1. Create a new subnet 2. Deploy Azure Firewall 3. Create a NAT rule collection
Explanation:
One option for allowing RDP access to a virtual machine that has only a private IP address is to deploy an Azure Firewall appliance. The first step is to create a subnet called AzureFirewallSubnet. This will be used to host the Azure Firewall instance.
Then create a NAT rule collection to allow remote desktop onto the virtual machine.